PodVM fails to boot on GCE SEV nodes #2686
Description
Summary
Building the podvm image with make image and uploading it to Google Cloud's SEV-capable n2d-* instances results in a firmware boot loop. The Unified Kernel Image is only placed under \EFI\Linux\, but the GCE firmware only probes the generic fallback path \EFI\BOOT\BOOTX64.EFI. Because of that the VM never loads the kernel.
Steps to Reproduce
cd src/cloud-api-adaptor/podvm-mkosi && DOCKER_DEFAULT_PLATFORM=linux/amd64 make image- Upload
build/system.rawto GCE (e.g. viauplosi upload -c . build/system.raw). - Create a pod that launches a PeerPod VM on a
n2d-standard-*node and watch the serial console.
Actual Result
The console repeatedly prints messages similar to the following and the VM never boots:
UEFI: Failed to load image.
Description: UEFI nvme_card-pd
FilePath: PciRoot(0x0)/Pci(0x4,0x0)/NVMe(0x1,00-00-00-00-00-00-00-00)
Status: Not Found.
Expected Result
The VM should find the Unified Kernel Image and continue booting the pod VM OS.
Additional Context
Copying the generated UKI (/efi/EFI/Linux/*.efi) to /efi/EFI/BOOT/BOOTX64.EFI inside the image fixes the issue because it satisifies the firmware's fallback lookup. The fix is safe for other platforms because it only runs when the UKI exists.